Tuesday, October 27, 2009

Review of SQL Injection Attacks and Defense Posted

I just finished reviewing The Web Application Hacker's Handbook, calling it a "Serious candidate for Best Book Bejtlich Read2009." SQL Injection Attacks and Defense (SIAAD) is another serious contender for BBBR09. In fact, I recommend reading TWAHH first because it is a more comprehensive overview of Web application security. Next, read SIAAD as the definitive treatise on SQL injection. Syngress does not have a good track record when it comes to books with multiple authors -- SIAAD has ten! -- but SIAAD is clearly a winner.